@stephenw10 I just check, created a cert for 10 years.. Put it on my printer and firefox didn't say a word about it being valid for 10 years.. Signed by my CA that it trusts.. [image: 1714513121754-length.jpg] https://source.chromium.org/chromium/chromium/src/+/main:net/docs/certificate_lifetimes.md?q=certificate%20lifetime&ss=chromium&originalUrl=https:%2F%2Fcs.chromium.org%2F Beginning with Chrome 85, TLS server certificates issued on or after 2020-09-01 00:00:00 UTC will be required to have a validity period of 398 days or less. This will only apply to TLS server certificates from CAs that are trusted in a default installation of Google Chrome, commonly known as "publicly trusted CAs", and will not apply to locally-operated CAs that have been manually configured.

@stephenw10 - I think it should only need to be this query - (&(objectClass=posixGroup)(cn=vpn)(memberUid=*)) I just get a red box on the authentication test page in pfSense - The following input errors were detected: Authentication failed. Unfortunately there doesn't seem to be any LDAP logs generated on the QNAP :(

See: https://redmine.pfsense.org/issues/15078 It will always show Plus as an update if your device is eligible because it checks all available update branches. If you really need it I can manually remove the eligibility. Steve

Yes that could work, assuming it's a USB device since there are only 3 ports. Modem support in pfSense is variable though. Be aware.

Thank you Netgate!! [image: 1714494177553-screenshot-2024-04-30-at-09.21.11.png]

Yup, no way to recover those as far as I know. There are scripts named the same available via Google though.

It's fixed now!

@stephenw10 I Managed to figure it out myself thanks. Having successfully installed the software, I forgot to Eject the ISO, I had used to build it. So, when it restarted, It tried to reinstall. I therefore Cancelled the re-installation, and ended up God knows where. I suspect id was in BSD. I was there that I could not log into psfSense! Anyway, having re-read the notes I wrote myself, the first time I installed pfSense. I saw my comments, in red, about ejecting the ISO. Did that - problem solved.

Yup all 1537s return an invalid PCH temp value as far as I know. I don't know if it's the driver or the device itself that's incorrect. However it's not an indication of a fault just an incompatibility with that particular device.

@wtowens207 A client might be asking for that... I am not aware of anything in pfsense that would be looking to download the wpad.dat file.. What packages do you have installed? I believe this has something to do with the proxy, but I'm not running a proxy on my firewall. So you have a proxy internally? It could be trying to download that from your host, and yeah if your host says hey this source IP is bad, block it - then sure all your connections from pfsense would be blocked, ie all clients behind it, etc. Or it could just be some other client behind pfsense trying to download that..

@jimp said in Some Firewall rules not working after upgrade to 24.03 - rules between subnets are not passed through: but it's best to fix them up properly and eliminate the problem. Exactly!!! Completely agree, even if a bit painful for some. I can foresee increase in tickets to TAC..

@cougarmaster The backed up config file contains everything. But don't take my word for it. Get one, open if with a text editor, and look for yourself ^^

@JonathanLee said in Fidium: The IPv6 they said will be dynamic Make sure System / Advanced / Networking Do not allow PD/Address release is selected. If your ISP respects it, you will have a virtually static prefix. I've had my prefix for over 5 years.

I would really have a look to get equipment for home and mobile. The gadget is good is something occurs at home or for home usage, but if you leaf the home, there is nothing because in normal you may take your phone with you. A mobile or LTE modem for home usage would be my way and looking mor for a cable based internet if it will be able.

@energyvortex after a reboot ( reroot) the error MSG is gone now, crazy! thank you!

@pst no pcaps done. next time it happens i will take one off the firewall.

@stephenw10 Great I’ll Implement it this evening in my environment and see what results I experience. I’ll use the links you provided for bridging WAN to VLAN.

That first error is almost certainly because after upgrading you are seeing aditinal temperature values from something. Reset the RRD data and it will create with the corect number of values. The second error is common at boot. The first error is also something you see at boot so I assume at least one part of the context here is that yu are seeing these logged at boot?

Yup the MR was pulled in and the pkg updated now.